From: nagachika00@... Date: 2016-08-18T14:55:00+00:00 Subject: [ruby-core:76971] [Ruby trunk Bug#12660] [PATCH] openssl: avoid undefined behavior on empty SSL_write Issue #12660 has been updated by Tomoyuki Chikanaga. Backport changed from 2.1: REQUIRED, 2.2: REQUIRED, 2.3: REQUIRED to 2.1: REQUIRED, 2.2: REQUIRED, 2.3: DONE ruby_2_3 r55961 merged revision(s) 55822. ---------------------------------------- Bug #12660: [PATCH] openssl: avoid undefined behavior on empty SSL_write https://bugs.ruby-lang.org/issues/12660#change-60198 * Author: Eric Wong * Status: Closed * Priority: Normal * Assignee: Kazuki Yamaguchi * ruby -v: * Backport: 2.1: REQUIRED, 2.2: REQUIRED, 2.3: DONE ---------------------------------------- SSL_write(3ssl) manpage has this in the WARNINGS section: When calling SSL_write() with num=0 bytes to be sent the behaviour is undefined. And indeed, the new test case demonstrates failures when empty strings are used. So, match the behavior of IO#write, IO#write_nonblock, and IO#syswrite by returning zero, as the OpenSSL::SSL::SSLSocket API already closely mimics the IO one. * ext/openssl/ossl_ssl.c (ossl_ssl_write_internal): avoid undefined behavior * test/openssl/test_pair.rb (test_write_zero): new test Comments? Will commit in a week or so if no response. ---Files-------------------------------- 0001-openssl-avoid-undefined-behavior-on-empty-SSL_write.patch (2.17 KB) -- https://bugs.ruby-lang.org/ Unsubscribe: